>NIL:'s Blog

2007.01.16 (Tuesday)

Let's face it, I have no real plan to continue blogging in here, and as much as I like WordPress, I can't be ars… I mean bothered to have to update the engine every time a new vulnerability is discovered.
The lazy hacker™ solution then: save the meagre posts that exist on these pages, upload good old trusted static HTML and get all ye script kiddies to go to hell…

Why, thank you; you’ve been a wonderful audience to an increasingly disgruntled old man…

2006.02.24 (Friday)

Well, if you live in a corporate world that swears by the National Socialism Microsoft crap, you might, one day, have to mount some Active Directory shares on a Linux server. I know, you’ll feel dirty all over from bringing that abomination to Linux, but some people never learn…

2005.09.21 (Wednesday)

Well, I gotta give my IS dept. some credit. It only took ‘em a couple of days to figure out that tunneling was an option and to ramp up security to disable any inbound packet that does not come as a reply to a previous outbound one. Now we’re talking about something that looks like a real firewall!
Now, I’d rather blame the makers of httptunnel for not seeing that one coming. I mean, come on guys, it would have been child’s play to conceal tunneled data into what looks like an innocuous HTTP binary file download (of unknown size) for inbound data, and an HTTP POST request for outbound.

But hey, when a door closes, a Window opens. “…and introducing: TCP-over-CGI (rutil_tcpcgi)!”
The only drawback is you need a webserver to place the cgi (but you don’t need root access there).

Now, assuming that the cgi is running on your remote server, with the URL: ‘http://10.0.0.1/cgi-bin/tcpcgi.cgi’, and that this server is also the machine you are trying to ssh to, then on the UNIX server you want to connect from:

tcpcgi -H 10.0.0.1 -f /cgi-bin/tcpcgi.cgi -d 127.0.0.1:22 -x 1000
ssh -v login@localhost -p 9111 -o NoHostAuthenticationForLocalhost=yes -o PubkeyAuthentication=no

For some reason, I found that my public key authentication was screwed up by tcpcgi (Ugh! I’ll have to re-enable password logon on my ssh box) and it also appears to choke on a large flow of data (=> no sftp, which is a bit annoying). Plus you have to reduce the max latency time (-x) quite a bit if you go for an interactive shell. The algorithm is adaptive, which is nice, but the default possible max of 60 secs is not. Apart from that, this little utility does exactly what it says on the tin, and it’ll sure be quite a challenge for a corporate IS dept. to overcome.

Hey, if I find the proper motivation, I might even end up coding my own version of an HTTP wrapper for ssh…
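
Seen from the monitoring side, a tunnel like this has to keep requesting the same CGI URL for as long as the session lasts, and that repetition is visible in proxy or web-server logs. The Python below is an added example (not part of the original post or of tcpcgi) that flags such runs in constructed log lines; the log format, thresholds and function names are assumptions, and the 65-second gap limit is the 60-second default maximum latency mentioned above plus some slack.

```python
from collections import defaultdict

def constructed_log():
    """Constructed sample lines: epoch_seconds client method url bytes."""
    lines, t = [], 1000
    # One workstation re-requesting a single CGI URL every 2-40 s for ~20 min
    # (the POST method and byte counts are made up for the sample).
    for i in range(60):
        lines.append(f"{t} 10.1.1.20 POST http://10.0.0.1/cgi-bin/tcpcgi.cgi 512")
        t += 2 + (i * 7) % 39
    # Ordinary browsing: widely spaced requests to different pages.
    for i, ts in enumerate((1005, 1400, 2600, 3900)):
        lines.append(f"{ts} 10.1.1.31 GET http://intranet.example/page{i} 20480")
    # A form submitted three times in a row must not be flagged.
    for ts in (1100, 1110, 1125):
        lines.append(f"{ts} 10.1.1.31 POST http://intranet.example/cgi-bin/form.cgi 300")
    return lines

def find_polling_sessions(lines, min_requests=20, min_duration=300, max_gap=65):
    """Flag (client, url) pairs whose requests form a long run with no gap
    above max_gap seconds (assumed polling bound, see the text above)."""
    stamps_by_pair = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        ts, client, _method, url, _size = line.split()
        stamps_by_pair[(client, url)].append(float(ts))
    hits = {}
    for pair, stamps in stamps_by_pair.items():
        stamps.sort()
        start = prev = stamps[0]
        count, best = 1, (1, 0.0)  # best = (requests, duration) of longest run
        for ts in stamps[1:]:
            if ts - prev <= max_gap:
                count += 1
            else:
                start, count = ts, 1  # gap too long: a new run begins
            prev = ts
            best = max(best, (count, ts - start))
        if best[0] >= min_requests and best[1] >= min_duration:
            hits[pair] = {"requests": best[0], "duration_s": best[1]}
    return hits

if __name__ == "__main__":
    for (client, url), stats in find_polling_sessions(constructed_log()).items():
        print(client, url, stats)
```

Tune the three thresholds against your own baseline before alerting on this; legitimate polling applications produce the same shape.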

2005.09.19 (Monday)

And so, 2 years later, your IS dept. finally realized what a double-edged sword ssh really was, and not only did they disable the ssh port (not a big deal) but they also monitor and forbid any ssh-like traffic on any port. Getting better guys! Well, if you’re lucky, they’ll want you to use an ssh-relay box that they can monitor or something, but hey, I’m just not the kind of guy that likes to be monitored, and I still want to connect to my Linux box @ home without anybody peeking over my shoulder.

The only trick is the “NoHostAuthenticationForLocalhost=yes” option on ssh.
Without it, you’ll get an “ssh_exchange_identification: Connection closed by remote host” error, because of the host hopping.

But anybody knows something’s amiss when Shawshank Redemption continuously occupies slot #2. I mean, the movie’s good, but it should take more than that to achieve a place in the top 5 (let alone the top 3). Show me a cinematic effect that makes you go “Wow!” in Shawshank’s (no, I’m NOT talking FX, I’m talking cinematography!). No? Thought so…

And since you’re so kind as to ask, the ones that I have seen that should either NOT be in the top #250 or at a much lower place than it currently is:
Spider-Man 2, Dogville (interesting but not top #250 material), The
Terminator, Ed Wood (Scissorhands is better suited for that!), Big Fish
(at best, this should be #249 or something), Finding Neverland (lower,
much lower), Kill Bill Vol. 2 (I’ve seen the first one: puh-lease, that
was enough!), Reservoir Dogs, Kill Bill Vol. 1 (and let’s kill the
suspense, anything by Tarantino should be out), Saving Private Ryan
(should be low rank - there are much better Spielbergs out there.
Besides, if you drop the first 1/2 hour of the movie, there’s not much
top #250 material left, is there. We’re talking about feature films,
not short stories), Fight Club (highly overrated), American Beauty
(lower or out!), Pulp Fiction (#11?!? are you kidding me?). Fargo
should be lower too. Batman Begins in there as well? Oh Lord, is there
no respect whatsoever for good cinema? Green Mile, lower.
Examples of films that should have replaced the above? (In no
particular order): Tron, Millions, Secretary, Touching The Void, Paris
Texas, The Hurricane, WarGames, K-Pax, Matrix Reloaded (and possibly
Revolutions), Chicken Run, Contact, Apollo 13, Gattaca, one Harry
Potter movie (but only one), Fearless, The Abyss (in replacement of
both Terminators), ‘Bullitt’, Always (in replacement of ‘Saving …
Ryan’), The Bourne Identity, Porco Rosso, Kiki’s Delivery Service (If
you have Totoro and Sen to Chihiro no kamikakushi, you might as well
add these), Conspiracy Theory, Dances With Wolves, I Am Sam, Starship
Troopers, Airplane!, A Very Long Engagement…

2005.06.22 (Wednesday)

Well, I’m in a good mood today, since the PSP 1.5 firmware was hacked in a proper manner to allow you to run homebrew. Did I tell you the PSP rocked? Therefore, I shall be playing the best game ever, a.k.a. “Another World”, on the PSP before long. Speaking of which…:

“Another World should serve as a reminder that some games were so damn good that you didn’t need to be collecting every star or unlocking secrets in order to garner replay value, you just wanted to experience it again and again to get every last drop of pixelated pleasure.”

“Half Life is often credited with mixing narrative snippets into gameplay, but Another World had already done it. ICO is lauded for its minimalist gameplay and lack of superimposed interface elements, but Another World had already done it. If a game were to come out today with the same kind of originality, minimalism and simple but highly suggestive cinematic shots that Another World pioneered in 1991, there’s no telling how many industry awards it would round up. Another World is one for the gaming history books.”

So, you finally took the plunge and got yourself one of these (relatively) good value Sony DVP players. But then, thanks to the !”?$%^%$?! MPAA, you find yourself locked back into a single region: SHOCK AND HORROR!
By now, you’ve been browsing over the internet, and what you found are many expensive & impractical offers that say they can turn your Sony player region free by sending you some ridiculously priced stuff, or you found a list of codes to be used with yet again an expensive ‘universal’ remote controller which you don’t have.

There has to be a MUCH CHEAPER and almost immediate solution to get your player region free, dammit!
Well, if you have a PC with a serial port, there is. Exposed below is a very cheap and simple solution to turn your Sony DVD player into a region free one.

But first, I’ve got to acknowledge that this is merely a rip-off of what you can find on selen.org’s site. I especially don’t want to take any credit for what is others’ hard work. In particular, I got to thank Blank Frank for the excellent winsamp utility, which is the keystone of this process. I obviously got to thank the selen’s site for the Sony winsamp codes, and finally, the very simple montage I give comes straight from the “Simple transmitter circuit on serial port” diagram you can see at the lirc site.
The things you do with a good search engine!

So, the trick here is to use the winsamp utility with the cheapest and simplest InfraRed (IR) transmitter montage we can plug on a PC’s serial port, and then use the PC to send the unlock codes to the DVP unit, as if we were using one of these Universal Remote Controls. Yes, you can easily turn your PC into a universal remote. Nifty, heh?

Of course, you will still need to build an InfraRed transmitter, but, as the picture below proves, this is really no big deal.
In fact, you might even not need a soldering iron if you find your own
way to make each component stick with the other (I wouldn’t recommend
sticky tape, but it will probably do if you don’t have anything else).
The thing is, if everything goes well, we’re only going to use that
small IR transmitter once, so it doesn’t have to be quakeproof
electronics. As long as each component is connected to the other in the
right order and the whole thing is plugged properly into the serial
port, it’ll do.

To build the IR transmitter, you will need the following, which you should be able to find without trouble in any electronics component retail:
- one LD271 IR LED (Siemens GaAs 950 nm Infrared LED - datasheet)
- one 1N4148 diode
- one 1 kΩ (one kilo-ohm) 0.6 W resistor

This should cost around €1 (or $1) at any good electronics store

Once you got those, simply build the IR emitter as shown in the picture below. Note that the diode is connected to the longest leg of the IR LED (the anode) with the black ring end of the diode (the cathode) towards the LED. It is very important to connect the diode and the LED as described above, as these components are polarized. The resistor (light blue with colored rings on the picture) has no polarity and can be connected in any direction, but the anode from one polarized component should always be connected to the cathode of another polarized component.

With the IR transmitter complete, all you need to do is connect the anode of the LED (which should be the pin with the diode by now) to the TxD pin (pin #3) of a PC serial connector, and the cathode (pin with the resistor) to the Signal Ground (pin #5) and use winsamp to transmit the unlock code.

Of course connecting the transmitter directly to
the PC serial port can be quite inconvenient, first because this is a
male connector, so you’ll need crimp connectors (as in the picture) or
something else to hold the pins in place, and also because then you
will have to find a way to place your PC so that the IR LED is less
than a few centimeters to the Remote sensor of the DVD unit.

The best solution is therefore to plug it into a serial cable if you have one, so that you can move the LED around without having to hold some cumbersome piece of equipment in your arms. In the picture below the IR transmitter is plugged into a DB9 serial extension cable. I used crimp connectors because the end is male there again, but this is no big deal. The best of course is to have a DB9 female to female cable, because then you can do without the crimp connectors and just stick the pins of the transmitter in there. But then you have to know whether it’s a crossed cable (null modem) or a straight one, as you will need to use pin #2 (RxD) instead of pin #3 (TxD) if it’s a null modem cable.

The pins should be indicated on the cable or the COM: port itself (if you look closely), so making sure you plug the transmitter properly shouldn’t be a big deal. Else you can look for the numerous pinout diagrams of an RS232 port on the internet.

At this stage I also have to stress that USING THIS MONTAGE WILL PUT SOME STRESS ON THE SERIAL PORT, AS THE ORIGINAL PC’S SERIAL PORT HAS NOT BEEN DESIGNED TO DRIVE CURRENT THROUGH A LED. I therefore take no responsibility in any damage that might occur. However, if your PC is less than 10 years old, it should be built to handle that kind of stress (which we limited to the bare minimum by adding a resistor in our montage), and since this should be a one-off operation, there’s not much sleep to be lost over it (yes, I tested it on my PC and it worked flawlessly). On recent PC’s, I doubt this will put that much of a strain on your serial port (because most recent PC’s take provision for that kind of stuff) but you need to understand the risks associated with this operation.

OK, at this stage, I will assume that you have our $1 IR transmitter plugged onto your COM2 serial port, and you can then follow the procedure detailed on selen’s site:

1. Download the winsamp package from Blank Frank’s site (or this local copy).
2. Extract the package onto a bootable DOS floppy disk.
3. Download the IR code file from selen’s (or this local copy) and place it in the same directory as the package above.
4. Boot up your PC from the floppy disk and run winsamp.exe, it will
use COM2: by default, which is the port where your simple IR
transmitter should be connected. If you are using COM1: indicate this
with the command ‘winsamp C1’.
5. Press the ‘r’ key to load up the unlock codes into winsamp.
6. Locate the stylized ‘R’ logo (an ‘R’ drawn in one line, with an
extra vertical leg on the left) on the face of your DVD Player which
indicates the location of the IR Remote Control receiver. For the
DVP-NS585P, it is located at the right of the front panel, under the
“Eject” button. You need to place our IR Transmitter less than 2 or 3
cm from this receiver for the hack to work.
7. Make sure your DVD player is in standby mode with no disc in the drive.
8. Run the IR codes from 1 to 5 by pressing Enter on each corresponding button.
9. Your DVD player should start up and display the text “SUCCESS” (With
the DVP-NS585P, this appears on the front panel, not on the TV).
10. Wait for your player to return to standby mode. If it doesn’t do this automatically, repeat step 8 until it shuts down.
11. Enjoy having turned your Sony DVD player into a Region Free one for peanuts.
And be a nice person; if you know someone else with a region protected
Sony DVD player, lend them your IR transmitter and have them follow
this procedure so that they can be region free too…

2004.07.18 (Sunday)

OK, so I dastardly abandoned Depl0y’s excellent blog engine for WordPress…
Well, the truth is, Depl0y has other things to worry about now, and you can’t beat a group of people working with the GPL in the palm of their hand.
Plus this blog looks nice “out of the box”, which spares the need to be creative.

2004.05.11 (Tuesday)

Rot in hell, Bill Gates!!!! Don’t fucking ever try to prevent ME from doing what I want with MY computer, like erasing these bloody undeletable files.

Ever got that message?
“Error deleting file or folder
Cannot delete yada: it is used by another person or program.
Close any program that might be using the file and try again”

Sounds familiar heh? And you tried logon/logoff/reboot/safe mode/chkdisk and all that crap and nothing works, and all the M$ articles on the net tell you it’s because you’re in NTFS, while you know darn well that you’re on a FAT32 partition.

The solution:
1/ Open a dos prompt
2/ Open the Task Manager and KILL KILL KILL that Explorer, because
that’s the SOB that’s ultimately keeping a bloody lock on your file!!!
3/ While Explorer is being kicked in the nuts (and it deserves it), use the DOS del command to get rid of your file at last.
4/ Enjoy the BLISS OF BEING BACK IN CONTROL OF YOUR COMPUTER AGAIN

As any Linux user will tell you: “Well I never…” (…ever have that kind of problem on Linux)

So that’s the end of one of the MOST FRUSTRATING BEHAVIOURS OF LOOSEDOWS EVER.